Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Monthly Archives: February 2011

Posted in Consumer Privacy

Privacy in the Legislative Branch: A Quick Update

Just as privacy remains front page news, it remains a subject of bi-partisan interest on Capitol Hill. This entry briefly describes (1) the oversight role Congressional committees are performing when privacy makes the news, (2) the establishment of a new Senate Judiciary Committee privacy subcommittee chaired by Senator Al Franken (D-MN); (3) the expected legislation to be introduced in the Senate; (3) the bills that have landed in the House and the other proposals expected there; (4) the focus on amendments to ECPA and CALEA; and (5) the contintuing innovations in state legislatures. In short, a two minute read on the state of privacy in the legislative branch.

Posted in Health Privacy/HIPAA

HHS Imposes a $4.3 Million Civil Monetary Penalty For Violations of the HIPAA Privacy Rule

Today the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) imposed a civil monetary penalty (CMP) in the amount of $4.3 million on Cignet Health for violations of the HIPAA Privacy Rule. This represents the first CMP imposed by HHS for HIPAA privacy violations.   When Congress enacted the HITECH law in [...]

Posted in News & Events

Upcoming Webinars on Privacy Developments in Washington and Data Security Breach Notification Laws

Two webinars, one afternoon. On Thursday, February 24, Hogan Lovells Privacy and Information Management Practice Director Chris Wolf will participate in a BNA webinar (along with Senior Governmental Affairs Advisor Nancy Granese of Hogan Lovells and Jules Polonetsky of the Future of Privacy Forum) on privacy developments in Washington, and an Experian webinar on data security breach notification laws (along with Reed Freeman of Morrison & Foerster and Tony Hadley of Experian). Both pay-to-view programs are open for sign-up now.

Posted in Employment Privacy

Supreme Court Defers on Constitutional Right to Information Privacy; Scalia Predicts Increased Litigation

On January 19, the Supreme Court decided NASA v. Nelson, a case brought by NASA contractors alleging that questions asked by the federal agency in a background check violated their constitutional right to information privacy — i.e., a constitutional privacy interest in the government “avoiding the disclosure of personal matters” recognized in a pair of 1977 cases, Whalen v. Roe and Nixon v. Administrator of General Services. At issue were questions that asked whether the contractors received “any treatment or counseling” regarding illegal drug use within the previous year (as a follow up to a question regarding whether they used, possessed, supplied or manufactured illegal drugs within that year), and questions directed toward references for information bearing on “suitability for government employment or security clearance,” including “adverse information” about an the contractor’s “honesty or trustworthiness,” “violations of the law,” “financial integrity,” “abuse of alcohol and/or drugs,” “mental or emotional stability,” “general behavior or conduct,” or “other matters.”

Posted in Cybersecurity & Data Breaches

NIST Issues Guidance on Cloud Computing Privacy and Security Requirements for Federal Agencies

Recent guidance from the National Institute of Standards and Technology (“NIST”) encourages federal agencies to take advantage of cloud computing. It also provides draft security and privacy guidelines for federal agencies to follow when engaging cloud providers. The draft guidelines serve as roadmaps for how to negotiate meaningful privacy and data security protections from cloud providers. Though prepared for federal agencies, the draft guidelines could prove influential to the private sector as an increasing number of private businesses use cloud services. NIST has requested comments on the drafts by no later than February 28, 2011.

Posted in Cybersecurity & Data Breaches, Health Privacy/HIPAA

FTC Posts Guidance for Providers and Insurers on Medical Identity Theft

Shining a new spotlight on health data breaches, the Federal Trade Commission recently posted a frequently asked questions guide to medical identity theft for health care providers and insurers. Medical identity theft occurs when one person obtains health care services or prescription drugs using the identity of someone else, or when those working in a health care provider setting [...]

Posted in Cybersecurity & Data Breaches

Cisco Privacy Site Features Hogan Lovells Cloud Compliance Primer

Cisco has launched a Privacy and Security Compliance Journey web site with a variety of useful materials and resources. Hogan Lovells is pleased to have its primer on legal issues in Cloud Computing including privacy and data security concerns as the first featured content on the Cisco site. A link to the primer is contained in this blog entry.